Lucene search

[email protected]CVE-2023-2687

HistoryJun 02, 2023 - 4:15 p.m.

CVE-2023-2687

2023-06-0216:15:09

CWE-131

[email protected]

web.nvd.nist.gov

cve-2023

buffer overflow

platform cli component

silicon labs

gecko sdk

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap.

Affected configurations

NVD

Node

silabsgecko_software_development_kitRange≤4.2.1

CPENameOperatorVersion
silabs:gecko_software_development_kitsilabs gecko software development kitle4.2.1

CPE	Name	Operator	Version
silabs:gecko_software_development_kit	silabs gecko software development kit	le	4.2.1

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Gecko SDK",
    "vendor": "silabs.com",
    "versions": [
      {
        "lessThanOrEqual": "4.2.1",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

References

community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000U2sWXQAZ?operationContext=S1

github.com/SiliconLabs/gecko_sdk/releases

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for CVE-2023-2687

nvd1 prion1 osv1 cvelist1